Oval Definition:oval:org.mitre.oval:def:13827
Revision Date:2014-06-30Version:20
Title:USN-778-1 -- cron vulnerability
Description:It was discovered that cron did not properly check the return code of the setgid and initgroups system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid check referred to by CVE-2006-2607.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2006-2607
USN-778-1
USN-778-1
Platform(s):Ubuntu 6.06
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Product(s):cron
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND cron DPKG is earlier than 3.0pl1-100ubuntu2.1
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND cron DPKG is earlier than 3.0pl1-105ubuntu1.1
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND cron DPKG is earlier than 3.0pl1-92ubuntu1.1
  • OR Release section
  • Ubuntu 8.10 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND cron DPKG is earlier than 3.0pl1-104+ubuntu5.1
    • BACK